I thought that in case of an detection I always be able to see what it was, what would be necessary in my case to have an exclusion for the application to be able to run and this is what is missing to have the one detection displayed to exclude and leave the IPS running for the rest.

Anything you add in the list, you have he chance to change it default action. Some IPS signatures have "not log" and you can change it to "log" instead. Once you have this IPS action detected and logged, you can exclude it.

it seems with SEP12 RU2 the IPS Policy is better and now everything that is blocked is also logged. In addition events that are not logged are not blocked, but can be enabled via the exclution to either allow or block and log.